* Sat May 28 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-3
- Add Ivan's patch for user role changes in genhomedircon
This commit is contained in:
parent
6124877e2e
commit
ee898f2f7e
@ -1,6 +1,6 @@
|
|||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-1.23.11/load_policy/load_policy.c
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-1.23.11/load_policy/load_policy.c
|
||||||
--- nsapolicycoreutils/load_policy/load_policy.c 2005-04-14 07:22:16.000000000 -0400
|
--- nsapolicycoreutils/load_policy/load_policy.c 2005-04-14 07:22:16.000000000 -0400
|
||||||
+++ policycoreutils-1.23.11/load_policy/load_policy.c 2005-05-26 10:49:44.000000000 -0400
|
+++ policycoreutils-1.23.11/load_policy/load_policy.c 2005-05-28 01:25:28.000000000 -0400
|
||||||
@@ -103,7 +103,7 @@
|
@@ -103,7 +103,7 @@
|
||||||
if (errno == ENOENT || errno == EINVAL) {
|
if (errno == ENOENT || errno == EINVAL) {
|
||||||
/* No booleans file or stale booleans in the file; non-fatal. */
|
/* No booleans file or stale booleans in the file; non-fatal. */
|
||||||
@ -30,7 +30,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.
|
|||||||
exit(2);
|
exit(2);
|
||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.23.11/newrole/newrole.c
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.23.11/newrole/newrole.c
|
||||||
--- nsapolicycoreutils/newrole/newrole.c 2005-05-20 13:15:12.000000000 -0400
|
--- nsapolicycoreutils/newrole/newrole.c 2005-05-20 13:15:12.000000000 -0400
|
||||||
+++ policycoreutils-1.23.11/newrole/newrole.c 2005-05-26 08:46:35.000000000 -0400
|
+++ policycoreutils-1.23.11/newrole/newrole.c 2005-05-28 01:25:28.000000000 -0400
|
||||||
@@ -198,6 +198,11 @@
|
@@ -198,6 +198,11 @@
|
||||||
result = 0; /* user authenticated OK! */
|
result = 0; /* user authenticated OK! */
|
||||||
}
|
}
|
||||||
@ -43,3 +43,38 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policy
|
|||||||
/* We're done with PAM. Free `pam_handle'. */
|
/* We're done with PAM. Free `pam_handle'. */
|
||||||
pam_end( pam_handle, PAM_SUCCESS );
|
pam_end( pam_handle, PAM_SUCCESS );
|
||||||
|
|
||||||
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.23.11/scripts/genhomedircon
|
||||||
|
--- nsapolicycoreutils/scripts/genhomedircon 2005-04-14 07:22:16.000000000 -0400
|
||||||
|
+++ policycoreutils-1.23.11/scripts/genhomedircon 2005-05-28 01:26:50.000000000 -0400
|
||||||
|
@@ -357,16 +357,22 @@
|
||||||
|
return udict
|
||||||
|
|
||||||
|
def getHomeDirContext(self, user, home, role):
|
||||||
|
- ret="\n\n#\n# Context for user %s\n#\n\n" % user
|
||||||
|
+ ret="\n\n#\n# Home Context for user %s\n#\n\n" % user
|
||||||
|
rc=commands.getstatusoutput("grep '^HOME_DIR' %s | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), home, role, user))
|
||||||
|
return ret + rc[1] + "\n"
|
||||||
|
|
||||||
|
+ def getUserContext(self, user, sel_user, role):
|
||||||
|
+ ret="\n\n#\n# Other Context for user %s\n#\n\n" % user
|
||||||
|
+ rc=commands.getstatusoutput("grep 'USER' %s | sed -e 's/USER/%s/' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), user, role, sel_user))
|
||||||
|
+ return ret + rc[1] + "\n"
|
||||||
|
+
|
||||||
|
def genHomeDirContext(self):
|
||||||
|
users = self.getUsers()
|
||||||
|
ret=""
|
||||||
|
# Fill in HOME and ROLE for users that are defined
|
||||||
|
for u in users.keys():
|
||||||
|
ret += self.getHomeDirContext (u, users[u]["home"], users[u]["role"])
|
||||||
|
+ ret += self.getUserContext (u, u, users[u]["role"])
|
||||||
|
return ret+"\n"
|
||||||
|
|
||||||
|
def checkExists(self, home):
|
||||||
|
@@ -428,6 +434,7 @@
|
||||||
|
ret= self.heading()
|
||||||
|
for h in self.getHomeDirs():
|
||||||
|
ret += self.getHomeDirContext ("user_u" , h+'/[^/]*', "user")
|
||||||
|
+ ret += self.getUserContext(".*", "user_u", "user") + "\n"
|
||||||
|
ret += self.getHomeRootContext(h)
|
||||||
|
ret += self.genHomeDirContext()
|
||||||
|
return ret
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
Summary: SELinux policy core utilities.
|
Summary: SELinux policy core utilities.
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 1.23.11
|
Version: 1.23.11
|
||||||
Release: 2
|
Release: 3
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||||
@ -84,6 +84,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||||||
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sat May 28 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-3
|
||||||
|
- Add Ivan's patch for user role changes in genhomedircon
|
||||||
|
|
||||||
* Thu May 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-2
|
* Thu May 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-2
|
||||||
- Fix warning message on reload of booleans
|
- Fix warning message on reload of booleans
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user